On Sat, Apr 12, 2025 at 12:45 AM Dave Crocker <d...@dcrocker.net> wrote:
> > Out in the real world, the problem is caused by lack of adequate
> > controls over users, on some platforms.

Consider an outbound email spam filtering system that's 99.9% accurate. Under normal circumstances, that's good performance. Under the DKIM replay scenario, that 0.1% gets amplified by a factor of hundreds of thousands or millions to one.

DKIM replay also degrades the performance of outbound filters. Any anti-spam system works better when it has more data to work with, and DKIM replay removes some of the strongest signals by sending to a single recipient. Content classification alone is insufficiently accurate, even if you were to have humans do it, and the amplification factor of replay gives attackers incentive to try 50 or 100 different things until they find something that gets through.

I don't think anyone here reasonably expects inbound spam filters to be 100% accurate in practice, so why would that expectation apply to outbound systems?
_______________________________________________
Ietf-dkim mailing list -- ietf-dkim@ietf.org
To unsubscribe send an email to ietf-dkim-le...@ietf.org